From b3dad1d6b3b0f458c185ba57472ed6aa3f2782ff Mon Sep 17 00:00:00 2001 From: Frankie G-J Date: Mon, 29 Mar 2021 09:52:06 -0400 Subject: [PATCH 1/6] resolves #144 (#145) --- cargo/jam/internal/image.go | 3 +++ cargo/jam/internal/image_test.go | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cargo/jam/internal/image.go b/cargo/jam/internal/image.go index a287ead8..ef699c52 100644 --- a/cargo/jam/internal/image.go +++ b/cargo/jam/internal/image.go @@ -45,6 +45,9 @@ func FindLatestImage(uri string) (Image, error) { if err != nil { continue } + if version.Prerelease() != "" { + continue + } versions = append(versions, version) } diff --git a/cargo/jam/internal/image_test.go b/cargo/jam/internal/image_test.go index 6fc60283..32c8333e 100644 --- a/cargo/jam/internal/image_test.go +++ b/cargo/jam/internal/image_test.go @@ -44,7 +44,8 @@ func testImage(t *testing.T, context spec.G, it spec.S) { "0.20.1", "0.20.12", "999999", - "latest" + "latest", + "0.20.13-rc1" ] }`) @@ -80,7 +81,7 @@ func testImage(t *testing.T, context spec.G, it spec.S) { Expect(os.RemoveAll(dockerConfig)).To(Succeed()) }) - it("returns the latest semver tag for the given image uri", func() { + it("returns the latest non-prerelease semver tag for the given image uri", func() { image, err := internal.FindLatestImage(fmt.Sprintf("%s/some-org/some-repo:latest", strings.TrimPrefix(server.URL, "http://"))) Expect(err).NotTo(HaveOccurred()) Expect(image).To(Equal(internal.Image{ From cb4becf10ff19e52443f91cc4330b90ec382993d Mon Sep 17 00:00:00 2001 From: Forest Eckhardt Date: Tue, 30 Mar 2021 15:35:30 +0000 Subject: [PATCH 2/6] Adds support for writing text files in Vacation Signed-off-by: Timothy Hitchener --- postal/service_test.go | 6 ++-- vacation/init_test.go | 1 + vacation/vacation.go | 23 ++++++++++++++- vacation/vacation_archive_test.go | 3 +- vacation/vacation_text_test.go | 49 +++++++++++++++++++++++++++++++ 5 files changed, 78 insertions(+), 4 deletions(-) create mode 100644 vacation/vacation_text_test.go diff --git a/postal/service_test.go b/postal/service_test.go index 9daea968..84827b0f 100644 --- a/postal/service_test.go +++ b/postal/service_test.go @@ -450,7 +450,8 @@ version = "this is super not semver" context("when the file contents are empty", func() { it.Before(func() { - buffer := bytes.NewBuffer(nil) + // This is a FLAC header + buffer := bytes.NewBuffer([]byte("\x66\x4C\x61\x43\x00\x00\x00\x22")) transport.DropCall.Returns.ReadCloser = io.NopCloser(buffer) sum := sha256.Sum256(buffer.Bytes()) @@ -703,7 +704,8 @@ version = "this is super not semver" context("when the file contents are empty", func() { it.Before(func() { - buffer := bytes.NewBuffer(nil) + // This is a FLAC header + buffer := bytes.NewBuffer([]byte("\x66\x4C\x61\x43\x00\x00\x00\x22")) transport.DropCall.Returns.ReadCloser = io.NopCloser(buffer) sum := sha256.Sum256(buffer.Bytes()) diff --git a/vacation/init_test.go b/vacation/init_test.go index 1a3addce..03e4fb37 100644 --- a/vacation/init_test.go +++ b/vacation/init_test.go @@ -13,6 +13,7 @@ func TestVacation(t *testing.T) { suite("VacationTar", testVacationTar) suite("VacationTarGzip", testVacationTarGzip) suite("VacationTarXZ", testVacationTarXZ) + suite("VacationText", testVacationText) suite("VacationZip", testVacationZip) suite.Run(t) } diff --git a/vacation/vacation.go b/vacation/vacation.go index 484170d0..31a000fc 100644 --- a/vacation/vacation.go +++ b/vacation/vacation.go @@ -141,7 +141,6 @@ func (ta TarArchive) Decompress(destination string) error { if err != nil { return fmt.Errorf("failed to extract symlink: %s", err) } - } } @@ -150,6 +149,10 @@ func (ta TarArchive) Decompress(destination string) error { // Decompress reads from Archive, determines the archive type of the input // stream, and writes files into the destination specified. +// +// Archive decompression will also handle files that are types "text/plain; +// charset=utf-8" and write the contents of the input stream to a file name +// "artifact" in the destination directory. func (a Archive) Decompress(destination string) error { // Convert reader into a buffered read so that the header can be peeked to // determine the type. @@ -176,6 +179,10 @@ func (a Archive) Decompress(destination string) error { return NewTarXZArchive(bufferedReader).StripComponents(a.components).Decompress(destination) case "application/zip": return NewZipArchive(bufferedReader).Decompress(destination) + case "text/plain; charset=utf-8": + // This function will write the contents of the reader to file called + // "artifact" in the destination directory + return writeTextFile(bufferedReader, destination) default: return fmt.Errorf("unsupported archive type: %s", mime.String()) } @@ -203,6 +210,20 @@ func (txz TarXZArchive) Decompress(destination string) error { return NewTarArchive(xzr).StripComponents(txz.components).Decompress(destination) } +func writeTextFile(reader io.Reader, destination string) error { + file, err := os.Create(filepath.Join(destination, "artifact")) + if err != nil { + panic(err) + } + + _, err = io.Copy(file, reader) + if err != nil { + return err + } + + return nil +} + // StripComponents behaves like the --strip-components flag on tar command // removing the first n levels from the final decompression destination. // Setting this is a no-op for archive types that do not use --strip-components diff --git a/vacation/vacation_archive_test.go b/vacation/vacation_archive_test.go index 33ad9985..a52e773b 100644 --- a/vacation/vacation_archive_test.go +++ b/vacation/vacation_archive_test.go @@ -264,7 +264,8 @@ func testVacationArchive(t *testing.T, context spec.G, it spec.S) { tempDir, err = os.MkdirTemp("", "vacation") Expect(err).NotTo(HaveOccurred()) - buffer := bytes.NewBuffer([]byte(`some contents`)) + // This is a FLAC header + buffer := bytes.NewBuffer([]byte("\x66\x4C\x61\x43\x00\x00\x00\x22")) archive = vacation.NewArchive(buffer) }) diff --git a/vacation/vacation_text_test.go b/vacation/vacation_text_test.go new file mode 100644 index 00000000..24496a46 --- /dev/null +++ b/vacation/vacation_text_test.go @@ -0,0 +1,49 @@ +package vacation_test + +import ( + "bytes" + "os" + "path/filepath" + "testing" + + "github.com/paketo-buildpacks/packit/vacation" + "github.com/sclevine/spec" + + . "github.com/onsi/gomega" +) + +func testVacationText(t *testing.T, context spec.G, it spec.S) { + var ( + Expect = NewWithT(t).Expect + ) + + context("when passed the reader of a text file", func() { + var ( + archive vacation.Archive + tempDir string + ) + + it.Before(func() { + var err error + tempDir, err = os.MkdirTemp("", "vacation") + Expect(err).NotTo(HaveOccurred()) + + buffer := bytes.NewBuffer([]byte(`some contents`)) + + archive = vacation.NewArchive(buffer) + }) + + it.After(func() { + Expect(os.RemoveAll(tempDir)).To(Succeed()) + }) + + it("writes a text file onto the path", func() { + err := archive.Decompress(tempDir) + Expect(err).NotTo(HaveOccurred()) + + content, err := os.ReadFile(filepath.Join(tempDir, "artifact")) + Expect(err).NotTo(HaveOccurred()) + Expect(content).To(Equal([]byte(`some contents`))) + }) + }) +} From a4b5f8e7c91eb004f6e55ecbb807bdd55d641360 Mon Sep 17 00:00:00 2001 From: Ryan Moran Date: Mon, 29 Mar 2021 17:19:19 -0700 Subject: [PATCH 3/6] Add bill of materials entry facility for postal.Service --- postal/buildpack.go | 12 ++++----- postal/service.go | 27 ++++++++++++++++++++ postal/service_test.go | 57 +++++++++++++++++++++++++++++++++++++++++- 3 files changed, 89 insertions(+), 7 deletions(-) diff --git a/postal/buildpack.go b/postal/buildpack.go index 9e46ba26..7161404a 100644 --- a/postal/buildpack.go +++ b/postal/buildpack.go @@ -16,15 +16,9 @@ type Dependency struct { // ID is the identifier used to specify the dependency. ID string `toml:"id"` - // Version is the specific version of the dependency. - Version string `toml:"version"` - // Name is the human-readable name of the dependency. Name string `toml:"name"` - // URI is the uri location of the built dependency. - URI string `toml:"uri"` - // SHA256 is the hex-encoded SHA256 checksum of the built dependency. SHA256 string `toml:"sha256"` @@ -36,6 +30,12 @@ type Dependency struct { // Stacks is a list of stacks for which the dependency is built. Stacks []string `toml:"stacks"` + + // URI is the uri location of the built dependency. + URI string `toml:"uri"` + + // Version is the specific version of the dependency. + Version string `toml:"version"` } func parseBuildpack(path, name string) ([]Dependency, string, error) { diff --git a/postal/service.go b/postal/service.go index 233c0391..eb9bdd66 100644 --- a/postal/service.go +++ b/postal/service.go @@ -7,8 +7,10 @@ import ( "regexp" "sort" "strings" + "time" "github.com/Masterminds/semver/v3" + "github.com/paketo-buildpacks/packit" "github.com/paketo-buildpacks/packit/cargo" "github.com/paketo-buildpacks/packit/postal/internal" "github.com/paketo-buildpacks/packit/vacation" @@ -177,3 +179,28 @@ func (s Service) Deliver(dependency Dependency, cnbPath, layerPath, platformPath func (s Service) Install(dependency Dependency, cnbPath, layerPath string) error { return s.Deliver(dependency, cnbPath, layerPath, "/platform") } + +// GenerateBillOfMaterials will generate a list of BOMEntry values given a +// collection of Dependency values. +func (s Service) GenerateBillOfMaterials(dependencies ...Dependency) []packit.BOMEntry { + var entries []packit.BOMEntry + for _, dependency := range dependencies { + entry := packit.BOMEntry{ + Name: dependency.Name, + Metadata: map[string]interface{}{ + "sha256": dependency.SHA256, + "stacks": dependency.Stacks, + "uri": dependency.URI, + "version": dependency.Version, + }, + } + + if (dependency.DeprecationDate != time.Time{}) { + entry.Metadata["deprecation-date"] = dependency.DeprecationDate + } + + entries = append(entries, entry) + } + + return entries +} diff --git a/postal/service_test.go b/postal/service_test.go index 84827b0f..72fcd99d 100644 --- a/postal/service_test.go +++ b/postal/service_test.go @@ -14,6 +14,7 @@ import ( "testing" "time" + "github.com/paketo-buildpacks/packit" "github.com/paketo-buildpacks/packit/postal" "github.com/paketo-buildpacks/packit/postal/fakes" "github.com/sclevine/spec" @@ -38,7 +39,6 @@ func testService(t *testing.T, context spec.G, it spec.S) { Expect(err).NotTo(HaveOccurred()) path = file.Name() - _, err = file.WriteString(` [[metadata.dependencies]] deprecation_date = 2022-04-01T00:00:00Z @@ -823,4 +823,59 @@ version = "this is super not semver" }) }) }) + + context("GenerateBillOfMaterials", func() { + var deprecationDate time.Time + + it.Before(func() { + var err error + deprecationDate, err = time.Parse(time.RFC3339, "2022-04-01T00:00:00Z") + Expect(err).NotTo(HaveOccurred()) + }) + + it("returns a list of BOMEntry values", func() { + entries := service.GenerateBillOfMaterials( + postal.Dependency{ + DeprecationDate: deprecationDate, + ID: "some-entry", + Name: "Some Entry", + SHA256: "some-sha", + Source: "some-source", + Stacks: []string{"some-stack"}, + URI: "some-uri", + Version: "1.2.3", + }, + postal.Dependency{ + ID: "other-entry", + Name: "Other Entry", + SHA256: "other-sha", + Source: "other-source", + Stacks: []string{"other-stack"}, + URI: "other-uri", + Version: "4.5.6", + }, + ) + Expect(entries).To(Equal([]packit.BOMEntry{ + { + Name: "Some Entry", + Metadata: map[string]interface{}{ + "deprecation-date": deprecationDate, + "sha256": "some-sha", + "stacks": []string{"some-stack"}, + "uri": "some-uri", + "version": "1.2.3", + }, + }, + { + Name: "Other Entry", + Metadata: map[string]interface{}{ + "sha256": "other-sha", + "stacks": []string{"other-stack"}, + "uri": "other-uri", + "version": "4.5.6", + }, + }, + })) + }) + }) } From 6b9b10b991b7a4bcb2d2ccddbb0f6d3b4a63e196 Mon Sep 17 00:00:00 2001 From: Sophie Wigmore Date: Fri, 2 Apr 2021 17:33:01 -0400 Subject: [PATCH 4/6] Test out what GHA automation for synchronizing labels looks like --- .github/labels.yml | 18 ++++++++++++++++++ .github/workflows/synchronize-labels.yml | 17 +++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 .github/labels.yml create mode 100644 .github/workflows/synchronize-labels.yml diff --git a/.github/labels.yml b/.github/labels.yml new file mode 100644 index 00000000..bace6e20 --- /dev/null +++ b/.github/labels.yml @@ -0,0 +1,18 @@ +- name: status/possible-priority + description: This issue is ready to work and should be considered as a potential priority + color: F9D0C4 +- name: status/prioritized + description: This issue has been triaged and resolving it is a priority + color: BFD4F2 +- name: status/blocked + description: This issue has been triaged and resolving it is blocked on some other issue + color: 848978 +- name: bug + description: Something isn't working + color: d73a4a +- name: enhancement + description: A new feature or request + color: a2eeef +- name: documentation + description: This issue relates to writing documentation + color: D4C5F9 diff --git a/.github/workflows/synchronize-labels.yml b/.github/workflows/synchronize-labels.yml new file mode 100644 index 00000000..1c04394a --- /dev/null +++ b/.github/workflows/synchronize-labels.yml @@ -0,0 +1,17 @@ +name: Synchronize Labels +"on": + push: + branches: + - main + paths: + - .github/labels.yml +jobs: + synchronize: + name: Synchronize Labels + runs-on: + - ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: micnncim/action-label-syncer@v1 + env: + GITHUB_TOKEN: ${{ github.token }} From 7809aeb5fe7a87dfcbda4fa8b5738427d71df4d3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Apr 2021 05:22:17 +0000 Subject: [PATCH 5/6] Bump github.com/pelletier/go-toml from 1.8.1 to 1.9.0 Bumps [github.com/pelletier/go-toml](https://github.com/pelletier/go-toml) from 1.8.1 to 1.9.0. - [Release notes](https://github.com/pelletier/go-toml/releases) - [Commits](https://github.com/pelletier/go-toml/compare/v1.8.1...v1.9.0) Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 42ffdd62..77440dc6 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/google/go-containerregistry v0.4.1 github.com/mattn/go-runewidth v0.0.8 // indirect github.com/onsi/gomega v1.11.0 - github.com/pelletier/go-toml v1.8.1 + github.com/pelletier/go-toml v1.9.0 github.com/sclevine/spec v1.4.0 github.com/spf13/cobra v1.1.3 github.com/ulikunitz/xz v0.5.10 diff --git a/go.sum b/go.sum index 8968a47f..83c56476 100644 --- a/go.sum +++ b/go.sum @@ -69,7 +69,6 @@ github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfc github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= @@ -277,8 +276,8 @@ github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVo github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pelletier/go-toml v1.8.1 h1:1Nf83orprkJyknT6h7zbuEGUEjcyVlCxSUGTENmNCRM= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= +github.com/pelletier/go-toml v1.9.0 h1:NOd0BRdOKpPf0SxkL3HxSQOG7rNh+4kl6PHcBPFs7Q0= +github.com/pelletier/go-toml v1.9.0/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= From 3bd7dd9eb6368d6e45209d1fd600a1ee462f0f3b Mon Sep 17 00:00:00 2001 From: Arjun Sreedharan Date: Thu, 8 Apr 2021 20:20:58 +0000 Subject: [PATCH 6/6] Fix go version Not all of packit is compatible with --- go.mod | 2 +- go.sum | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 77440dc6..d45ac583 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/paketo-buildpacks/packit -go 1.13 +go 1.16 require ( github.com/BurntSushi/toml v0.3.1 diff --git a/go.sum b/go.sum index 83c56476..3f8534a2 100644 --- a/go.sum +++ b/go.sum @@ -141,7 +141,6 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -575,7 +574,6 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=